Search Results: secure-coding

Found 90 Skills

Security & Compliancevchirrav/owasp-secure-cod...

secure-coding-audit

Audit code for security vulnerabilities using OWASP Secure Coding rules. Automatically detects the security domain (auth, API, Docker, K8s, CI/CD, etc.) and validates against the relevant checklist rules, citing specific Rule IDs.

🇺🇸|EnglishTranslated

Security & Compliancenickcrew/claude-ctx-plugi...

secure-coding-practices

Secure coding practices and defensive programming patterns for building security-first applications. Use when implementing authentication, handling user input, managing sensitive data, or conducting secure code reviews.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

secure-coding-generate

Generate secure code following OWASP Secure Coding rules. Automatically detects the security domain and produces code with inline Rule ID citations (e.g., [INPUT-04], [AUTH-07]) plus a rules-applied summary.

🇺🇸|EnglishTranslated

Security & Compliancejabrena/cursor-rules-java

124-java-secure-coding

Use when you need to apply Java secure coding best practices — including validating untrusted inputs, defending against injection attacks with parameterized queries, minimizing attack surface via least privilege, applying strong cryptographic algorithms, handling exceptions securely without exposing sensitive data, managing secrets at runtime, avoiding unsafe deserialization, and encoding output to prevent XSS. Part of the skills-for-java project

🇺🇸|EnglishTranslated

Uncategorizedoracle/netsuite-suiteclou...

netsuite-owasp-secure-coding

Platform-agnostic OWASP secure coding practices with JavaScript/Node.js patterns and NetSuite SuiteScript examples. Covers Open Worldwide Application Security Project (OWASP) Top 10 (2021), output encoding, injection prevention, CSP headers, file security, API hardening, AI agent security, DRY security patterns, and 48+ security pitfalls with GOOD/BAD code templates.

🇺🇸|English

Security & Compliancevchirrav/owasp-secure-cod...

sbom-syft

Run Syft to generate Software Bill of Materials (SBOM) from container images and filesystems. Outputs CycloneDX or SPDX formats for supply chain compliance.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

sast-spotbugs

Run SpotBugs with Find Security Bugs plugin on Java code. Detects injection flaws, XXE, insecure crypto, SSRF, deserialization, and other JVM security bugs.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

license-scan-scancode

Run ScanCode Toolkit for comprehensive license and copyright detection. Identifies license types, copyright holders, and compliance obligations across codebases.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

container-scan-trivy

Run Trivy to scan container images for OS and library vulnerabilities, misconfigurations, and secrets. Comprehensive multi-target security scanner.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

dependency-confusion-detect

Run Confused and GuardDog to detect dependency confusion and typosquatting risks. Checks if internal package names exist on public registries and identifies malicious packages.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

dast-zap

Run OWASP ZAP for Dynamic Application Security Testing. Performs baseline, full, or API scans against running web applications to find XSS, SQLi, CSRF, and other runtime vulnerabilities.

🇺🇸|EnglishTranslated

Security & Compliancevchirrav/owasp-secure-cod...

sca-grype

Run Anchore Grype for SCA vulnerability scanning on filesystems and container images. Matches dependencies against multiple vulnerability databases (NVD, GitHub, OS advisories).

🇺🇸|EnglishTranslated